3-minute read

When hearing the term phishing, a cottage, lake and fishing rod may come to mind. However, this idyllic image is far from reality—spelled with a 'ph,' phishing refers to a widespread yet little-known online fraud method.

How would you react if you were to receive an email telling you that a well-known company is offering you a refund, a text message congratulating you on winning an important prize, or a message from your financial institution mentioning suspicious transactions on your account?

In this article, we offer various tools to help you stay vigilant and avoid becoming a victim of fraud or, in this case, phishing.

What is phishing?

Phishing is a fraudulent operation that consists of impersonating a commercial site, a well-known company or a financial institution. Fraudsters send emails or text messages in the name of the company, which encourage recipients to divulge their personal or banking information, such as their credit card number, by clicking on a hyperlink. This information is then used by the fraudsters to embezzle funds or even steal the identity of their victims.

According to the Canadian Anti-Fraud Centre, as of December 31, 2024, there were 34,621 victims and a reported loss of $638 million.

There are certain signs that can raise a red flag for identifying fraudulent messages:

• They often contain several spelling or formatting errors. However, the messages are becoming more sophisticated and personalized, and the elements found in them sometimes resemble an official email.

• They may be written in a language other than the one you normally use when communicating with that institution or company.

• You will often be asked to click on a link or open an attachment, which may contain viruses or spyware.

• The link provided does not reflect the site of the official company or institution. Also, avoid using any phone number or email address provided or clicking on a hyperlink. You may want to do some research yourself online to see if the contact information is reliable.

• Finally, if an email offer seems too good to be true, it probably is!

The different types of phishing.

There are several types of phishing attempts. Among them, the "fake CEO scam", a "spear-phishing" type of fraud, is becoming more and more frequent. In this case, fraudsters impersonate an individual within an organization, often an executive, and use an email address that appears to be genuine to entice an employee to transfer large sums of money to a third party or share confidential banking information, for example.

Other types of phishing attempts, often done by email or text message, are used to create a sense of urgency, to cast doubt in your mind, or to throw you off balance so you react quickly. For example, they may threaten to close your bank account or delay a package that is destined for you if you do not pay customs duties.

How to protect yourself from phishing.

First and foremost, always be vigilant. This is the best way to avoid falling into the trap of responding too quickly to a message. Make sure it comes from a reliable source and avoid clicking on the hyperlinks provided or opening attachments. Also, protect your computer with the latest anti-virus, anti-spyware and anti-spam software.

Think you've received a fraudulent email or text message? Help limit the number of victims by reporting it quickly to the Canadian Anti-Fraud Centre.

Also, don't hesitate to share the information with your friends and family so that they too can remain vigilant. And remember: when in doubt, it's always better not to act!

Laurentian Bank will never send you any unsolicited email to ask you to provide personal information, such as your password, account or credit card number, or your mother's maiden name.